Friday, April 20, 2012

Cloud Yells At Old Man

In what has been called a proof-of-concept, a team of researchers out of Princeton and Purdue Universities have created a firewall device for medical devices, which they've dubbed MedMon, for 'medical monitoring'.

Yes, ladies and gentlemen, technology has advanced to the point where pacemakers need to have firewalls. Last year, at the Black Hat Security Conference, one Jay Radcliffe demonstrated how it's possible to hack a continuous glucose meter, as well as an insulin pump. (Radcliffe, it will not surprise you to learn, is a diabetic.) The glucose meter had no way of knowing where its data was coming from (after all, this isn't a thing the manufacturers were even thinking about when they produced it), which meant Radcliffe could screw with its readings remotely. The insulin pump, thanks to a malicious script, could be remotely shut off.

There is an entire paper on this from 2010, 'Killed by Code: Software Transparency in Implantable Medical Devices'. You can see it here.

MedMon is designed to detect these outside signals, and if it finds anything malicious, it puts out a jamming signal to block it and protect the wearer.

You might think that this is all a little over the top. After all, has anyone actually killed anyone like this? Almost certainly not. But does that mean someone won't try it in the future? After all, now people know it can be done. Proof of concept is about doing something; proving it can be done. Everything after that is just finding easier ways to do it.

Ask yourself this: how many people in the world have medical implants? How many people of significant importance have them? And how many people want those people dead?

No comments: